OTL logfile created on: 6/1/2011 11:44:48 PM - Run 2
OTL by OldTimer - Version 3.2.23.0     Folder = C:\Users\Tomek\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
 
2.93 Gb Total Physical Memory | 1.23 Gb Available Physical Memory | 41.93% Memory free
5.85 Gb Paging File | 4.03 Gb Available in Paging File | 68.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 237.71 Gb Total Space | 25.13 Gb Free Space | 10.57% Space Free | Partition Type: NTFS
Drive D: | 45.28 Gb Total Space | 2.12 Gb Free Space | 4.69% Space Free | Partition Type: NTFS
 
Computer Name: TOMEK-KOMPUTER | User Name: Tomek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2011/06/01 14:34:46 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Tomek\Desktop\OTL.exe
PRC - [2011/05/05 10:54:45 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/02/23 16:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/02/23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/10/07 10:04:26 | 012,661,344 | ---- | M] (GG Network S.A.) -- C:\Program Files (x86)\Gadu-Gadu 10\gg.exe
PRC - [2010/07/27 00:01:58 | 003,474,848 | ---- | M] (Webshots.com) -- C:\PROGRA~2\Webshots\315~1.761\webshots.scr
PRC - [2010/07/12 18:32:48 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2010/06/29 08:04:18 | 000,020,480 | ---- | M] (AG Interactive) -- C:\Program Files (x86)\AGI\core\4.2.0.10753\AGCoreService.exe
PRC - [2010/05/21 01:29:12 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010/05/21 01:29:08 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2010/01/19 04:34:48 | 002,201,192 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
PRC - [2010/01/15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/12/14 09:17:48 | 000,091,136 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2009/11/04 06:11:48 | 000,835,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2009/10/13 12:03:04 | 000,716,800 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2009/06/03 13:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/04/15 16:52:06 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
PRC - [2009/03/05 11:54:50 | 000,311,296 | ---- | M] () -- C:\Windows\SysWOW64\Rezip.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2011/06/01 14:34:46 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Tomek\Desktop\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll
MOD - [2011/02/23 16:04:17 | 000,197,208 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2011/02/23 16:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:[b]64bit:[/b] - [2009/10/02 18:39:44 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:[b]64bit:[/b] - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/02/16 15:49:08 | 000,101,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/06/29 08:04:18 | 000,020,480 | ---- | M] (AG Interactive) [Auto | Running] -- C:\Program Files (x86)\AGI\core\4.2.0.10753\AGCoreService.exe -- (AGCoreService)
SRV - [2010/01/15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/05 11:54:50 | 000,311,296 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\Rezip.exe -- (Rezip)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2011/02/23 15:55:05 | 000,064,344 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2011/01/16 06:24:09 | 000,303,616 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:[b]64bit:[/b] - [2011/01/16 06:24:08 | 000,035,328 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:[b]64bit:[/b] - [2010/11/12 01:10:49 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2010/10/13 23:28:54 | 000,283,360 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:[b]64bit:[/b] - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2010/06/10 03:45:38 | 001,605,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2010/02/26 20:32:58 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2010/02/11 01:02:00 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:[b]64bit:[/b] - [2009/11/20 08:09:48 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2009/10/02 18:47:38 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:[b]64bit:[/b] - [2009/09/28 11:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:[b]64bit:[/b] - [2009/08/29 05:15:32 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:[b]64bit:[/b] - [2009/08/29 05:15:26 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:[b]64bit:[/b] - [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/01 22:46:58 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:[b]64bit:[/b] - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:[b]64bit:[/b] - [2009/06/10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2009/06/10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/05/28 08:38:04 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
DRV:[b]64bit:[/b] - [2009/04/08 01:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV - [2010/12/18 13:03:58 | 000,025,280 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2010/08/30 15:24:17 | 000,015,144 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/mediaget/{B5276F25-96DF-4CBF-A1D1-8D782D1302E6}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-606138750-3606273870-274665690-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKU\S-1-5-21-606138750-3606273870-274665690-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKU\S-1-5-21-606138750-3606273870-274665690-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-606138750-3606273870-274665690-1001\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-606138750-3606273870-274665690-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.selectedEngine: "qooqlle"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.qooqlle.com/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: cssreloader@kenneth.io:1.0.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..keyword.URL: "http://www.google.com/cse?cx=partner-pub-5462406484424654%3A8q0sn8-w2ss&ie=ISO-8859-1&q="
FF - prefs.js..network.proxy.backup.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ftp_port: 9666
FF - prefs.js..network.proxy.backup.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.backup.gopher_port: 9666
FF - prefs.js..network.proxy.backup.socks: "127.0.0.1"
FF - prefs.js..network.proxy.backup.socks_port: 9666
FF - prefs.js..network.proxy.backup.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.backup.ssl_port: 9666
FF - prefs.js..network.proxy.ftp: "127.0.0.1"
FF - prefs.js..network.proxy.ftp_port: 9666
FF - prefs.js..network.proxy.gopher: "127.0.0.1"
FF - prefs.js..network.proxy.gopher_port: 9666
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "127.0.0.1"
FF - prefs.js..network.proxy.socks_port: 9666
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011/03/27 11:10:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/05/26 19:47:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/05/05 10:54:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/03/27 11:56:51 | 000,000,000 | ---D | M]
 
[2010/10/22 21:35:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tomek\AppData\Roaming\mozilla\Extensions
[2011/05/28 14:39:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tomek\AppData\Roaming\mozilla\Firefox\Profiles\adsefcfs.default\extensions
[2011/03/21 18:15:12 | 000,009,980 | ---- | M] () -- C:\Users\Tomek\AppData\Roaming\Mozilla\Firefox\Profiles\adsefcfs.default\searchplugins\mywebsearch.xml
[2011/06/01 15:31:49 | 000,001,860 | ---- | M] () -- C:\Users\Tomek\AppData\Roaming\Mozilla\Firefox\Profiles\adsefcfs.default\searchplugins\search.xml
[2011/02/12 16:52:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010/10/27 00:10:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/27 21:40:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/13 06:51:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- 
[2011/05/26 19:47:28 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2011/03/27 11:10:58 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2011/05/05 10:54:45 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/07/12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011/03/27 11:09:10 | 000,002,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\allegro-pl.xml
[2011/03/27 11:09:10 | 000,001,406 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fbc-pl.xml
[2011/03/27 11:09:10 | 000,000,917 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\merlin-pl.xml
[2011/03/27 11:09:10 | 000,000,858 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\pwn-pl.xml
[2011/03/27 11:09:10 | 000,001,183 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011/03/27 11:09:10 | 000,001,683 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wp-pl.xml
 
O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:[b]64bit:[/b] - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.)
O2:[b]64bit:[/b] - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:[b]64bit:[/b] - HKU\S-1-5-21-606138750-3606273870-274665690-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4 - HKLM..\Run: [APLangApp] C:\Program Files (x86)\AnyPC Client\APLangApp.exe (DoctorSoft)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl8] C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-606138750-3606273870-274665690-1001..\Run: [ALLUpdate] C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe ()
O4 - HKU\S-1-5-21-606138750-3606273870-274665690-1001..\Run: [Gadu-Gadu 10] C:\Program Files (x86)\Gadu-Gadu 10\gg.exe (GG Network S.A.)
O4 - HKU\S-1-5-21-606138750-3606273870-274665690-1001..\Run: [Odkurzacz-MCD] C:\Program Files (x86)\Odkurzacz\odk_mcd.exe (Franmo Software)
O4 - HKU\S-1-5-21-606138750-3606273870-274665690-1001..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin]  File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin]  File not found
O4 - Startup: C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files (x86)\Webshots\3.1.5.7619\Launcher.exe (Webshots.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.)
O8:[b]64bit:[/b] - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Funkcja Google Sidewiki - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.)
O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Wyślij do interfejsu Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Wyślij do urządzenia &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18:[b]64bit:[/b] - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4d525065-e3fc-11df-8ed9-c44619b29ddd}\Shell - "" = AutoRun
O33 - MountPoints2\{4d525065-e3fc-11df-8ed9-c44619b29ddd}\Shell\AutoRun\command - "" = F:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011/06/01 17:52:36 | 000,720,952 | ---- | C] (Duplex Secure Ltd.) -- C:\Users\Tomek\Desktop\SPTDinst-v178-x64.exe
[2011/06/01 15:02:25 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysWow64\drivers\mbamswissarmy.sys
[2011/06/01 14:54:52 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Malwarebytes
[2011/06/01 14:54:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/06/01 14:54:42 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2011/06/01 14:54:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/06/01 14:34:37 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Tomek\Desktop\OTL.exe
[2011/05/31 20:18:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoCore Games
[2011/05/31 13:08:44 | 000,000,000 | --SD | C] -- C:\Users\Tomek\Documents\Moje źródła danych
[2011/05/30 00:04:52 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2011/05/30 00:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2011/05/30 00:04:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2011/05/27 15:06:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
[2011/05/27 15:03:55 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc71.dll
[2011/05/27 08:54:34 | 000,000,000 | ---D | C] -- C:\Users\Tomek\Desktop\makro
[2011/05/26 22:15:15 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Unity
[2011/05/26 21:41:41 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\Unity
[2011/05/26 00:46:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxis
[2011/05/26 00:44:52 | 000,305,664 | ---- | C] (InstallShield Software Corporation) -- C:\windows\IsUn0415.exe
[2011/05/26 00:40:31 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\Microsoft Games
[2011/05/26 00:40:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Games
[2011/05/26 00:38:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[2011/05/25 23:22:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vu Games
[2011/05/25 21:15:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\City Interactive
[2011/05/25 19:08:21 | 000,000,000 | ---D | C] -- C:\Users\Tomek\Documents\CAPCOM
[2011/05/25 19:06:58 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Local\CAPCOM
[2011/05/25 10:37:38 | 000,000,000 | ---D | C] -- C:\Users\Tomek\Documents\Folder wymiany interfejsu Bluetooth
[2011/05/24 08:42:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011/05/23 12:26:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster
[2011/05/23 12:26:41 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2011/05/23 12:26:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2011/05/23 00:49:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Odkurzacz
[2011/05/16 16:23:33 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\poqexec.exe
[2011/05/16 16:23:33 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\poqexec.exe
[2011/05/15 11:14:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2011/05/15 11:14:36 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\windows\SysWow64\lameACM.acm
[2011/05/15 11:14:36 | 000,237,568 | ---- | C] (www.helixcommunity.org) -- C:\windows\SysWow64\yv12vfw.dll
[2011/05/15 11:14:36 | 000,151,552 | ---- | C] (fccHandler) -- C:\windows\SysWow64\ac3acm.acm
[2011/05/13 11:49:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos Interactive
[2011/05/11 16:59:56 | 005,509,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2011/05/11 16:59:54 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2011/05/11 16:59:54 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2011/05/09 15:49:01 | 000,000,000 | ---D | C] -- C:\Users\Tomek\AppData\Roaming\InstallShield
[2011/02/02 03:04:05 | 000,065,602 | ---- | C] ( ) -- C:\windows\SysWow64\cook.dll
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011/06/01 23:47:35 | 004,980,736 | -HS- | M] () -- C:\Users\Tomek\NTUSER.DAT
[2011/06/01 23:02:00 | 000,001,048 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/01 22:57:58 | 000,001,044 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/01 22:44:58 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/06/01 18:10:02 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempYU3152.html
[2011/06/01 18:10:02 | 000,002,089 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempHb3152.html
[2011/06/01 18:02:21 | 000,014,144 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/01 18:02:21 | 000,014,144 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/01 17:54:51 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2011/06/01 17:54:30 | 3142,111,232 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/01 17:54:00 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempVW2508.html
[2011/06/01 17:54:00 | 000,002,089 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempMO2508.html
[2011/06/01 17:53:59 | 001,741,898 | -H-- | M] () -- C:\Users\Tomek\AppData\Local\IconCache.db
[2011/06/01 17:52:37 | 000,720,952 | ---- | M] (Duplex Secure Ltd.) -- C:\Users\Tomek\Desktop\SPTDinst-v178-x64.exe
[2011/06/01 15:51:44 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempNv3552.html
[2011/06/01 15:51:44 | 000,002,089 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempHm3552.html
[2011/06/01 15:29:55 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\Temptu3308.html
[2011/06/01 15:29:55 | 000,002,089 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempBO3308.html
[2011/06/01 15:19:50 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempVr4084.html
[2011/06/01 15:19:50 | 000,002,089 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempYo4084.html
[2011/06/01 15:02:25 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/01 14:34:46 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Tomek\Desktop\OTL.exe
[2011/05/31 22:15:46 | 002,927,101 | ---- | M] () -- C:\Users\Tomek\Desktop\Informatyka Ekonomiczna.rar
[2011/05/31 11:30:27 | 001,552,302 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2011/05/31 11:30:27 | 000,697,438 | ---- | M] () -- C:\windows\SysNative\perfh015.dat
[2011/05/31 11:30:27 | 000,615,958 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2011/05/31 11:30:27 | 000,136,896 | ---- | M] () -- C:\windows\SysNative\perfc015.dat
[2011/05/31 11:30:27 | 000,107,594 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2011/05/31 11:22:38 | 000,001,136 | ---- | M] () -- C:\Users\Tomek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk
[2011/05/30 00:04:53 | 000,001,007 | ---- | M] () -- C:\Users\Tomek\Desktop\SpeedFan.lnk
[2011/05/30 00:04:52 | 000,000,045 | ---- | M] () -- C:\windows\SysWow64\initdebug.nfo
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysWow64\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2011/05/25 21:32:49 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\Tempg29864.html
[2011/05/25 21:32:49 | 000,002,089 | ---- | M] () -- C:\Users\Tomek\AppData\Local\TempF29864.html
[2011/05/23 17:30:17 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\Tempk13276.html
[2011/05/23 17:30:17 | 000,002,089 | ---- | M] () -- C:\Users\Tomek\AppData\Local\Temps13276.html
[2011/05/23 12:26:43 | 000,001,156 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster.lnk
[2011/05/17 14:09:22 | 000,000,534 | ---- | M] () -- C:\windows\win.ini
[2011/05/11 20:22:04 | 000,002,432 | ---- | M] () -- C:\Users\Tomek\AppData\Local\Tempd10720.html
[2011/05/11 20:22:04 | 000,002,089 | ---- | M] () -- C:\Users\Tomek\AppData\Local\Tempz10720.html
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011/06/01 18:10:02 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempYU3152.html
[2011/06/01 18:10:02 | 000,002,089 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempHb3152.html
[2011/06/01 17:53:59 | 001,741,898 | -H-- | C] () -- C:\Users\Tomek\AppData\Local\IconCache.db
[2011/06/01 16:44:05 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempVW2508.html
[2011/06/01 16:44:05 | 000,002,089 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempMO2508.html
[2011/06/01 15:32:20 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempNv3552.html
[2011/06/01 15:32:20 | 000,002,089 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempHm3552.html
[2011/06/01 15:23:19 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\Temptu3308.html
[2011/06/01 15:23:19 | 000,002,089 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempBO3308.html
[2011/06/01 15:02:25 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/01 14:46:39 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempVr4084.html
[2011/06/01 14:46:39 | 000,002,089 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempYo4084.html
[2011/05/31 22:15:33 | 002,927,101 | ---- | C] () -- C:\Users\Tomek\Desktop\Informatyka Ekonomiczna.rar
[2011/05/30 00:04:53 | 000,001,007 | ---- | C] () -- C:\Users\Tomek\Desktop\SpeedFan.lnk
[2011/05/30 00:04:52 | 000,000,045 | ---- | C] () -- C:\windows\SysWow64\initdebug.nfo
[2011/05/27 15:03:55 | 000,040,960 | R--- | C] () -- C:\windows\SysWow64\psfind.dll
[2011/05/24 14:53:18 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\Tempg29864.html
[2011/05/24 14:53:18 | 000,002,089 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempF29864.html
[2011/05/23 17:15:05 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\Tempk13276.html
[2011/05/23 17:15:05 | 000,002,089 | ---- | C] () -- C:\Users\Tomek\AppData\Local\Temps13276.html
[2011/05/23 12:26:43 | 000,001,156 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster.lnk
[2011/05/15 11:14:42 | 000,000,038 | ---- | C] () -- C:\windows\avisplitter.ini
[2011/05/15 11:14:36 | 000,000,414 | ---- | C] () -- C:\windows\SysWow64\lame_acm.xml
[2011/05/15 11:14:35 | 000,080,896 | ---- | C] () -- C:\windows\SysWow64\ff_vfw.dll
[2011/05/15 11:14:35 | 000,000,590 | ---- | C] () -- C:\windows\SysWow64\ff_vfw.dll.manifest
[2011/05/11 16:56:04 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\Tempd10720.html
[2011/05/11 16:56:04 | 000,002,089 | ---- | C] () -- C:\Users\Tomek\AppData\Local\Tempz10720.html
[2011/04/09 13:18:38 | 000,000,573 | ---- | C] () -- C:\windows\eReg.dat
[2011/03/06 01:45:01 | 000,006,656 | ---- | C] () -- C:\Users\Tomek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/15 15:51:35 | 000,000,001 | ---- | C] () -- C:\windows\SysWow64\SI.bin
[2011/02/13 23:05:33 | 000,000,093 | ---- | C] () -- C:\Users\Tomek\AppData\Local\fusioncache.dat
[2011/02/13 23:04:19 | 001,576,536 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/01/29 11:11:34 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempFTD808.html
[2011/01/29 11:11:34 | 000,002,089 | ---- | C] () -- C:\Users\Tomek\AppData\Local\Tempjqr808.html
[2011/01/10 22:50:00 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempgCg696.html
[2011/01/10 22:50:00 | 000,002,089 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempAHL696.html
[2011/01/01 20:43:46 | 000,042,537 | ---- | C] () -- C:\windows\War3Unin.dat
[2010/12/16 10:08:40 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\Tempyzs888.html
[2010/12/16 10:08:40 | 000,002,089 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempMPu888.html
[2010/10/28 09:41:27 | 000,002,432 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TempYfr908.html
[2010/10/28 09:41:27 | 000,002,089 | ---- | C] () -- C:\Users\Tomek\AppData\Local\TemppZU908.html
[2010/10/22 22:18:12 | 000,175,616 | ---- | C] () -- C:\windows\SysWow64\unrar.dll
[2010/10/22 21:57:55 | 000,258,048 | ---- | C] () -- C:\windows\SysWow64\libFLAC.dll
[2010/10/22 20:45:59 | 000,089,632 | ---- | C] () -- C:\Users\Tomek\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/10/14 01:36:44 | 000,179,263 | ---- | C] () -- C:\windows\SysWow64\xlive.dll.cat
[2010/04/25 07:31:59 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2010/04/25 07:19:15 | 000,000,426 | ---- | C] () -- C:\windows\HotFixList.ini
[2010/04/25 06:51:09 | 000,311,296 | ---- | C] () -- C:\windows\SysWow64\Rezip.exe
[2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2009/07/14 04:35:42 | 000,001,405 | ---- | C] () -- C:\windows\msdfmap.ini
[2009/07/14 04:34:57 | 000,000,534 | ---- | C] () -- C:\windows\win.ini
[2009/07/14 04:34:57 | 000,000,219 | ---- | C] () -- C:\windows\system.ini
[2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:59:36 | 000,982,196 | ---- | C] () -- C:\windows\SysWow64\igkrng500.bin
[2009/07/13 23:59:36 | 000,139,824 | ---- | C] () -- C:\windows\SysWow64\igfcg500.bin
[2009/07/13 23:59:36 | 000,097,448 | ---- | C] () -- C:\windows\SysWow64\igfcg500m.bin
[2009/07/13 23:59:35 | 000,417,344 | ---- | C] () -- C:\windows\SysWow64\igcompkrng500.bin
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2006/10/08 19:33:54 | 000,000,000 | ---- | C] () -- C:\windows\R-series.ini
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010/10/27 22:52:35 | 000,000,000 | ---D | M] -- C:\Users\dzierzakg\AppData\Roaming\GHISLER
[2011/04/19 19:20:04 | 000,000,000 | ---D | M] -- C:\Users\Gość\AppData\Roaming\GHISLER
[2010/10/30 10:59:56 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\DAEMON Tools Lite
[2010/11/28 13:21:38 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Gadu-Gadu 10
[2011/04/07 20:54:45 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\GameRanger
[2011/01/10 05:49:36 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\GHISLER
[2010/11/29 19:46:53 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\ICSharpCode
[2010/11/17 02:29:21 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Leadertech
[2011/03/16 21:09:33 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\LolClient
[2011/05/25 20:19:26 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Moje pliki Bitwy o Śródziemie™ II
[2010/10/25 23:42:42 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\OpenFM
[2010/11/16 03:04:27 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\OpenOffice.org
[2010/12/11 19:29:21 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\TS3Client
[2010/11/26 00:01:18 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Ubisoft
[2011/05/26 22:15:15 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Unity
[2011/01/30 21:08:37 | 000,000,000 | ---D | M] -- C:\Users\Tomek\AppData\Roaming\Webshots
[2011/04/07 11:41:36 | 000,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:268F887D

< End of report >